Опубликовано: 28 янв. 2020
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 5.9
Описание
packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-apps/xenial | not-affected | 2.0-3 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2.0-2]] |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| oneiric | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | ignored | end of life |
Показывать по
10
EPSS
Процентиль: 83%
0.01875
Низкий
4.3 Medium
CVSS2
5.9 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.9
nvd
около 6 лет назад
packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.
CVSS3: 5.9
debian
около 6 лет назад
packet.py in pyrad before 2.1 uses weak random numbers to generate RAD ...
CVSS3: 5.9
github
почти 4 года назад
pyrad is vulnerable to the use of Insufficiently Random Values
EPSS
Процентиль: 83%
0.01875
Низкий
4.3 Medium
CVSS2
5.9 Medium
CVSS3